CN110650121A - Stream media data security system based on distributed system - Google Patents


Info

Publication number
CN110650121A
Authority
CN
China
Prior art keywords
data
distributed system
public key
terminal
nodes
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201910803902.1A
Other languages
Chinese (zh)
Inventor
宋炜
宋斌
罗春花
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Tian Dao Nissin Technology Co Ltd
Original Assignee
Shenzhen Tian Dao Nissin Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Tian Dao Nissin Technology Co Ltd filed Critical Shenzhen Tian Dao Nissin Technology Co Ltd
Priority to CN201910803902.1A priority Critical patent/CN110650121A/en
Publication of CN110650121A publication Critical patent/CN110650121A/en
Pending legal-status Critical Current

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0464Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload using hop-by-hop encryption, i.e. wherein an intermediate entity decrypts the information and re-encrypts it before forwarding it
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a streaming media data security system based on a distributed system, relating to the technical field of network security. The system comprises uploading stations and terminals connected to the distributed system, together with a first public key matched with a first private key and a second public key matched with a second private key. Each uploading station holds the first public key, which is used to encrypt data transmitted to the nodes. Each node holds the first private key and the second public key: the first private key decrypts data transmitted by the uploading station, and the second public key encrypts the streaming media files transmitted to the terminal. Each terminal holds the second private key, which is used to decrypt the data received from the nodes. Using the two key pairs, the uploading station uploads encrypted data to the nodes, the nodes of the distributed system decrypt and re-encrypt the data, and the nodes transmit the newly encrypted data to the terminal, where it is decrypted, so that the data is kept secret throughout transmission and the security of data transmission is improved.

Description

Stream media data security system based on distributed system
Technical Field
The invention relates to the technical field of network security, in particular to a streaming media data secrecy system based on a distributed system.
Background
With the development of networks, network security problems have become increasingly prominent. As data volumes and the demand for data sharing grow, data needs to be stored on servers and transmitted over networks. However, important documents that must be kept secret, such as government documents, scientific research documents or judicial evidence, cannot avoid the risk of being monitored when transmitted over a network, so the data needs to be protected during transmission.
Common encryption means include symmetric encryption and asymmetric encryption. In asymmetric encryption, an algorithm generates a pair of matched keys, a public key and a private key. The public key is used to encrypt a file, the private key is used to decrypt the encrypted file, and a private key can only decrypt files encrypted with its corresponding public key. The use of asymmetric encryption greatly enhances the security of files transmitted over a network.
However, data distributed through a server has to be both uploaded and downloaded, so the data has to be protected during transmission in both directions.
Disclosure of Invention
The invention aims to provide a streaming media data security system based on a distributed system, which utilizes two pairs of keys, uploads encrypted data to a node by an uploading station, decrypts and re-encrypts the data at the node of the distributed system, transmits new encrypted data to a terminal by the node and decrypts at the terminal, ensures that the data is always kept secret in the transmission process, and improves the security of data transmission.
The above object of the present invention is achieved by the following technical solutions:
A streaming media data security system based on a distributed system comprises a distributed system with a plurality of nodes and a plurality of terminals, the terminals being connected with the distributed system through a network and the nodes transmitting data to the terminals through a streaming media protocol. The system further comprises: uploading stations, which are in one-to-one communication connection with the nodes and are used for uploading data to the nodes; and a first public key and a first private key that are matched with each other, and a second public key and a second private key that are matched with each other. Each uploading station is provided with the first public key and encrypts data with it when transmitting the data to the node. Each node is provided with the first private key and the second public key; the first private key is used for decrypting data transmitted by the uploading station, and the second public key is used for encrypting the streaming media files transmitted to the terminal. Each terminal is provided with the second private key, and the terminal decrypts the data with the second private key after receiving it from the node.
By adopting this technical scheme, the uploading station uploads the encrypted data to the node using the two pairs of keys, the node decrypts and re-encrypts the data in the distributed system, and the node transmits the newly encrypted data to the terminal, where it is decrypted, so that the data is kept secret throughout transmission and the security of data transmission is improved. Furthermore, the terminal can only access the nodes to obtain data and cannot upload data; data can only be uploaded to the node through the uploading station and cannot be stored in the terminal, which further improves the security of the data.
The invention is further configured to: the uploading station comprises a host computer which establishes communication connection with the node.
By adopting the technical scheme, the connection line between the uploading station and the node is minimized, and the burden of the node is reduced.
The invention is further configured to: the uploading station comprises a plurality of extensions which are connected with the host through a local area network, and the extensions are provided with the first public key.
By adopting this technical scheme, data can be encrypted at the uploading station on the extensions as well as on the host, but only the host establishes a connection with the node, so the burden on the node is not increased.
The invention is further configured to: transmission between the uploading station and the node is one-way, to ensure that data can only be transmitted from the uploading station to the node.
By adopting this technical scheme, data cannot be extracted from the nodes in the direction of the uploading station, and the security of the data in the nodes is improved.
The invention is further configured to: the terminal and the node establish a connection in a wired or wireless mode.
By adopting the technical scheme, the interaction between the terminal and the distributed system is facilitated.
The invention is further configured to: the terminal is one of a desktop computer, a notebook computer, a pad and a mobile phone.
By adopting the technical scheme, people can conveniently extract necessary information from the nodes on different devices.
In conclusion, the beneficial technical effects of the invention are as follows:
Using the two pairs of keys, the uploading station uploads the encrypted data to the nodes, the nodes in the distributed system decrypt and re-encrypt the data, and the nodes transmit the newly encrypted data to the terminal, where it is decrypted. The data is thus kept secret throughout transmission, and the security of data transmission is improved.
Drawings
Fig. 1 is a schematic diagram of a connection structure of a streaming media data security system based on a distributed system.
In the figure: 1, distributed system; 2, uploading station; 3, terminal.
Detailed Description
The present invention will be described in further detail with reference to the accompanying drawings.
The invention discloses a streaming media data security system based on a distributed system 1, which comprises a distributed system 1 with a plurality of nodes, a plurality of terminals 3 connected with the distributed system 1, and a plurality of uploading stations 2 connected with the nodes in a one-to-one manner. The system also comprises a first private key and a first public key that are matched with each other, and a second private key and a second public key that are matched with each other.
The uploading station 2 comprises a host and a plurality of extensions which are connected with the host through a local area network. Transmission between the host and the node is unidirectional over a line, to ensure that data can only be transmitted from the uploading station 2 to the node. The host and the extensions are each provided with the first public key; the host and the extensions can encrypt data that needs to be uploaded to the node, and the encrypted data is uploaded to the node through the host.
The terminal 3 is connected with the node through a network. The terminal 3 can be one of a desktop computer, a notebook computer, a pad and a mobile phone, and is connected with the node in a wired or wireless mode. The nodes transmit data to the terminal 3 via a streaming media protocol.
After receiving the confidential data transmitted by the uploading station 2, the node decrypts it using the first private key. When the node transmits data to the terminal 3, the streaming media files are encrypted at the node with the second public key. The terminal 3 decrypts the file using the second private key after receiving it.
The data keeps the encrypted state all the time in the process from the uploading station 2 to the node and from the node to the terminal 3, thereby improving the safety of data transmission.
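The two-leg flow described above, as an added sketch that is not part of the patent text: it traces one payload from uploading station to node to terminal and shows what each party can read, including the fact that the plaintext exists inside the node between the two legs. Assumptions: textbook RSA built from fixed Mersenne primes plus a SHA-256 keystream with HMAC stand in for a real asymmetric scheme so the block runs on the standard library alone (a deployment would use a vetted library with padded RSA or ECIES and an AEAD cipher); all function and variable names are hypothetical.

```python
import hashlib
import hmac
import secrets

E = 65537  # public exponent shared by both toy key pairs

def toy_keypair(p, q):
    """Textbook RSA pair from two known primes. Toy size: demonstration only."""
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))  # (public, private)

def keystream(key, length):
    """SHA-256 in counter mode, standing in for a real stream cipher."""
    blocks = (hashlib.sha256(key + i.to_bytes(8, "big")).digest()
              for i in range(length // 32 + 1))
    return b"".join(blocks)[:length]

def encrypt(public, plaintext):
    """Wrap a fresh session key with the public key, then encrypt-then-MAC."""
    n, e = public
    session = secrets.token_bytes(16)
    wrapped = pow(int.from_bytes(session, "big"), e, n)
    enc_key = hashlib.sha256(b"enc" + session).digest()
    mac_key = hashlib.sha256(b"mac" + session).digest()
    body = bytes(a ^ b for a, b in zip(plaintext, keystream(enc_key, len(plaintext))))
    return wrapped, body, hmac.new(mac_key, body, hashlib.sha256).digest()

def decrypt(private, message):
    """Unwrap the session key with the private key; reject on MAC mismatch."""
    n, d = private
    wrapped, body, tag = message
    session = (pow(wrapped, d, n) % (1 << 128)).to_bytes(16, "big")
    enc_key = hashlib.sha256(b"enc" + session).digest()
    mac_key = hashlib.sha256(b"mac" + session).digest()
    if not hmac.compare_digest(tag, hmac.new(mac_key, body, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered ciphertext")
    return bytes(a ^ b for a, b in zip(body, keystream(enc_key, len(body))))

def can_decrypt(private, message):
    """True if this private key opens the message, False otherwise."""
    try:
        decrypt(private, message)
        return True
    except ValueError:
        return False

# Key pair one protects the upload leg, key pair two the streaming leg.
PUB1, PRIV1 = toy_keypair(2**127 - 1, 2**89 - 1)
PUB2, PRIV2 = toy_keypair(2**107 - 1, 2**61 - 1)

def relay(data):
    """Uploading station -> node -> terminal, returning what each party sees."""
    upload_leg = encrypt(PUB1, data)          # station holds only PUB1
    at_node = decrypt(PRIV1, upload_leg)      # plaintext exists inside the node
    stream_leg = encrypt(PUB2, at_node)       # node re-encrypts for terminals
    at_terminal = decrypt(PRIV2, stream_leg)  # terminal holds PRIV2
    return upload_leg, at_node, stream_leg, at_terminal

if __name__ == "__main__":
    sample = b"constructed sample media segment"  # constructed input
    up, node_view, down, term_view = relay(sample)
    print("node sees plaintext:", node_view == sample)
    print("terminal sees plaintext:", term_view == sample)
    print("terminal key opens upload leg:", can_decrypt(PRIV2, up))
```

Because the node holds the first private key and handles the data in the clear, its key storage and memory are the point to protect in this design; the terminals' second private key cannot open upload-leg traffic, and the uploading station's public key cannot open anything.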
The embodiments of the present invention are preferred embodiments of the present invention, and the scope of the present invention is not limited by these embodiments, so: all equivalent changes made according to the structure, shape and principle of the invention are covered by the protection scope of the invention.

Claims (6)

1. A stream media data security system based on a distributed system comprises the distributed system (1) with a plurality of nodes and a plurality of terminals (3), the terminals (3) are connected with the distributed system (1) through a network, and the nodes transmit data to the terminals (3) through a stream media protocol, and the system is characterized in that:
the system comprises: uploading stations (2), which are in one-to-one communication connection with the nodes and are used for uploading data to the nodes; a first public key and a first private key that are matched with each other, and a second public key and a second private key that are matched with each other;
each uploading station (2) is provided with a first public key, and the uploading stations (2) encrypt data by using the first public key when transmitting the data to the nodes;
each node is provided with the first private key and the second public key, the first private key is used for decrypting data transmitted by the uploading station (2), and the second public key is used for encrypting the streaming media files transmitted to the terminal (3);
each terminal (3) has a second private key, and the terminal (3) receives data from the node and then decrypts the data by using the second private key.
2. The streaming media data security system based on the distributed system as claimed in claim 1, wherein: the uploading station (2) comprises a host computer which establishes communication connection with the node.
3. The streaming media data security system based on the distributed system as claimed in claim 2, wherein: the uploading station (2) comprises a plurality of extensions which are connected with the host through a local area network, and the extensions are provided with the first public key.
4. The streaming media data security system based on the distributed system as claimed in claim 1, wherein: the uploading station (2) and the nodes are in one-way transmission so as to ensure that data can only be transmitted to the nodes by the uploading station (2).
5. The streaming media data security system based on the distributed system as claimed in claim 1, wherein: the terminal (3) and the node are connected in a wired or wireless mode.
6. The streaming media data security system based on the distributed system as claimed in claim 1, wherein: the terminal (3) is one of a desktop computer, a notebook computer, a pad and a mobile phone.
CN201910803902.1A 2019-08-28 2019-08-28 Stream media data security system based on distributed system Pending CN110650121A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910803902.1A CN110650121A (en) 2019-08-28 2019-08-28 Stream media data security system based on distributed system

Publications (1)

Publication Number Publication Date
CN110650121A true CN110650121A (en) 2020-01-03

Family

ID=68991073

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910803902.1A Pending CN110650121A (en) 2019-08-28 2019-08-28 Stream media data security system based on distributed system

Country Status (1)

Country Link
CN (1) CN110650121A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113541934A (en) * 2021-05-18 2021-10-22 南通京希信息技术有限公司 Encryption communication method and system and electronic equipment

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7213149B2 (en) * 1999-12-02 2007-05-01 Sony Deutschland Gmbh Message authentication
CN101882996A (en) * 2010-05-28 2010-11-10 南京邮电大学 Information encryption and decryption method in distributed system based on identity
WO2012163043A1 (en) * 2011-11-09 2012-12-06 华为技术有限公司 Method, device and system for protecting data security in cloud
CN102868519A (en) * 2011-07-04 2013-01-09 周哲仰 Data security method and system
CN106941492A (en) * 2017-03-30 2017-07-11 南京瑞合新信息技术有限公司 Data safe transmission method between multiple cloud service nodes
CN108028834A (en) * 2015-06-25 2018-05-11 胡雪松 Apparatus and method for Implementation of File Transfer
CN109905380A (en) * 2019-02-15 2019-06-18 腾讯科技(深圳)有限公司 Node control method and relevant apparatus in a kind of distributed system

Similar Documents

Publication Publication Date Title
US7602919B2 (en) Method of integrating QKD with IPSec
CN109842485B (en) Centralized quantum key service network system
CN108510270B (en) Mobile transfer method with safe quantum
CN102088441B (en) Data encryption transmission method and system for message-oriented middleware
CN101707767B (en) Data transmission method and devices
CN108540436B (en) Communication system and communication method for realizing information encryption and decryption transmission based on quantum network
CN109981584B (en) Block chain-based distributed social contact method
CN103338437A (en) Encryption method and system of mobile instant message
CN110224821A (en) A kind of communication encrypting method of unmanned mobile platform
CN102088352B (en) Data encryption transmission method and system for message-oriented middleware
CN105792190A (en) Data encryption, decryption and transmission method in communication system
CN104901803A (en) Data interaction safety protection method based on CPK identity authentication technology
CN109462471A (en) The method of information transmission encryption based on national secret algorithm in conjunction with Technique on Quantum Communication
US10601586B2 (en) Method and apparatus for key management of end encrypted transmission
CN109842442B (en) Quantum key service method taking airport as regional center
CN104270380A (en) End-to-end encryption method and system based on mobile network and communication client side
CN112187757A (en) Multilink privacy data circulation system and method
CN103167494A (en) Information sending method and information sending system
CN108206738B (en) Quantum key output method and system
CN105847001A (en) Device, system and method for digital microwave communication based on quantum encryption
CN205792703U (en) Data encryption and shielding system
CN210183353U (en) Data safety transmission system based on data splitting
CN110650121A (en) Stream media data security system based on distributed system
CN105827601A (en) Data encryption application method and system of mobile device
CN203537408U (en) End-to-end voice communication privacy device with assignable secret key

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20200103
